French administrations, target of cyberattacks

Not a month goes by without the administration or the community seeing an attack on their computer systems. In December, the municipality of Montceau-les-Mines tried to at least secure the payment of the salaries of its agents after the paralysis of its networks. At the end of January in Saint Cloud, a group of hackers demanding a ransom were leaked to the darknet, several internal documents; the same gang attacked the Justice Department a few days later. Most recently, 250 of his computer systems were blocked in the department of Indre-et-Loire in July.

The process seems to be expected and effective: “hackers” freeze part of the organization’s activities and issue an ultimatum. If the ransom is never officially paid by government agencies, restoring services that have been damaged for years costs them several hundred thousand euros. In early 2022, a dozen IT services were still unavailable in Angers, twelve months after the attack.

Weekly incident in medical facilities

These attacks are becoming more and more numerous. According to the latest report from the government’s Cyberveillance system, requests for help from professionals increased by more than 95% between 2020 and 2021, with 312 requests for help from communities and administrations for all types of hack attacks. 20% of these requests end in a ransom attempt.

One of the most vulnerable targets: hospitals. In 2021, the National Office for the Security and Protection of Information Systems (Anssi) reported an average of one case of this type per week in French healthcare facilities. “These sites are all the more vulnerable because major system security updates may require activity to switch to ‘critical’ mode, which is much more delicate when lives are at stake,” explains Christoph Gegen, cybersecurity expert at Magellan Partners.

The latest example is the Hospital Center of the South Île-de-France (CHSF) in Corbeil-Essonne, the victim of a computer attack on the night of Saturday to Sunday. “Dramatic and unacceptable” attack by Minister of Health François Brown, excluding any “threat” to patient care without the help of IT. “No (hospital) institution has paid and will not pay (ransom),” the director of CHSF said after the hackers demanded in English the sum of $10 million.

Over one billion euros by 2025

French doctrine that does not discourage attackers. “This is not a French problem, but an international one. Hackers are most often found very far from home, abroad: they attack hospitals from all sides, regardless of location and without reading press statements, because the scheme could bring them big money elsewhere, ”says Jérôme Billois, cybersecurity expert consulting company. Wavestone firm. In 2020, the US FBI reported that $140 million had been paid out by private and public entities over six years.

In February 2021, faced with cyber attacks, Emmanuel Macron presented a plan to allocate one billion euros by 2025 to secure companies and administrations. With ambitious goals: to more than triple the turnover of the sector (25 billion in 2025 vs. 7.3 billion in 2019) and to double the workforce in the sector. In terms of hospitals, Ségur de la santé has allocated $350 million for cybersecurity. “A real gear change,” welcomes Jérôme Billot, “but the real question now is in the workforce: do we have enough manpower to provide this security? Cybersecurity training courses are far from complete. »


Back to top button

Adblock Detected

Please consider supporting us by disabling your ad blocker.